<?php

if(isset($_COOKIE['token'])){
    $rand1=$_COOKIE['token'];
    session_start();
    if(isset( $_SESSION[$rand1])){
        $id = $_SESSION[$rand1];
        $rand1=md5(rand(1000,9999));
        setcookie('token',$rand1,time()+1000);
        $_SESSION[$rand1]=$id;
        $mysqli = mysqli_connect('localhost','root','root','user');
        $my  ="select * from user1 where id =$id";
        $sas = mysqli_query($mysqli,$my);
        $ar  =mysqli_fetch_row($sas);
        if ($ar[5]==1){
            header("Location:a.php");
        }else {
            ?>
            <html>
            <head>
                <meta charset="UTF-8">
            </head>
            <body>
            <div>
                <table border="1" width="800px" cellspacing="0">
                    <?php
                    if (isset($_POST['submit'])) {
                        $name = $_FILES['file']['name']; // 被上传文件的名称
                        $type = $_FILES['file']['type'];// 被上传文件的类型
                        $size = $_FILES['file']['size'];// 被上传文件的大小，以字节计
                        $fuben = $_FILES['file']['tmp_name']; // 存储在服务器的文件的临时副本的名称
                        $error = $_FILES['file']['error'];// 由文件上传导致的错误代码move_uploaded_file($_FILES["file"]["tmp_name"],'tu/'.$name);
                        $sql = "update user2 set img = '$name' where uid = $id ";
                        mysqli_query($mysqli, $sql);
                    }

                    if (isset($_POST['subm'])) {
                        $ni = $_POST['nicheng'];
                        $sq = "update user2 set username = '$ni' where uid = $id ";
                        mysqli_query($mysqli, $sq);
                    }

                    if (isset($_POST['submi'])) {
                        $ge = $_POST['gexing'];
                        $sqli = "update user2 set action = '$ge' where uid = $id ";
                        mysqli_query($mysqli, $sqli);
                    }
                    $select = "select * from user2 where uid = $id";
                    $query = mysqli_query($mysqli, $select);
                    $arr = mysqli_fetch_all($query);
                    ?>
                    <div>
                        <img src="<?php echo 'tu/' . $arr[4] ?>"/>
                        <form action="#" method="post" enctype="multipart/form-data">
                            <input type="file" name="file"><br/>
                            <input type="submit" name="submit" value="确认切换"><br/><br/><br/>
                            <input type="text" name="nicheng" placeholder="昵称">
                            <input type="submit" name="subm" value="确认"><br/><br/><br/>
                            <input type="text" name="gexing" placeholder="个性签名">
                            <input type="submit" name="submi" value="确认"><br/><br/>

                        </form>
                    </div>

                    <tr>
                        <td>ID</td>
                        <td>UID</td>
                        <td>昵称：</td>
                        <td>个性签名：</td>
                        <td>头像</td>
                    </tr>
                    <?php
                    foreach ($arr as $v) {
                        ?>
                        <tr>
                            <td> <?php echo $v[0] ?> </td>
                            <td> <?php echo $v[1] ?> </td>
                            <td> <?php echo $v[2] ?> </td>
                            <td> <?php echo $v[3] ?> </td>
                            <td><img src="tu/<?php echo $v[4] ?>"/></td>
                        </tr>
                        <?php
                    }
                    ?>
                </table>
            </div>

            </body>
            </html>

            <?php
        }
    }
    //登录状态
}else{
    $url="login.html";
    header("Location:$url");
}
?>

